-- -- security-management-mib.my -- MIB generated by MG-SOFT Visual MIB Builder Version 6.0 Build 88 -- Monday, March 13, 2006 at 18:53:18 -- -- security-management-mib.my -- MIB generated by MG-SOFT Visual MIB Builder Version 3.0 Build 253 -- Monday, February 27, 2006 at 19:18:22 -- -- SECURITY-MANAGEMENT-MIB.my -- MIB generated by MG-SOFT Visual MIB Builder Version 3.0 Build 253 -- Wednesday, November 23, 2005 at 13:35:05 -- -- SECURITY-MANAGEMENT-MIB.my -- MIB generated by MG-SOFT Visual MIB Builder Version 3.0 Build 253 -- Wednesday, April 20, 2005 at 16:07:15 -- -- SECURITYMANAGEMENTMIB.my -- MIB generated by MGSOFT Visual MIB Builder Version 3.0 Build 253 -- Wednesday, January 12, 2005 at 14:00:10 -- -- SECURITYMANAGEMENTMIB.my -- MIB generated by MGSOFT Visual MIB Builder Version 3.0 Build 253 -- Tuesday, January 11, 2005 at 18:41:44 -- -- SECURITYMANAGEMENTMIB.my -- MIB generated by MGSOFT Visual MIB Builder Version 3.0 Build 253 -- Wednesday, September 15, 2004 at 13:47:14 -- -- SECURITYMANAGEMENTMIB.my -- MIB generated by MGSOFT Visual MIB Builder Version 3.0 Build 253 -- Sunday, June 27, 2004 at 18:06:47 -- -- ========================================================== -- -- MIB : SECURITYMANAGEMENTMIB Avaya -- -- Version : 1.1.0 -- -- ========================================================== -- -- Copyright 1999 2010 Avaya Ltd. -- All Rights Reserved. -- -- Reproduction of this document is authorized on condition -- that the foregoing copyright notice is included. -- -- This Avaya SNMP Management Information Base -- Specification embodies Avaya confidential and -- proprietary intellectual property. Lucent Technologies retains all -- title and ownership in the Specification, including any revisions -- -- It is Avaya intent to encourage the widespread use of this -- Specification in connection with the management of Avaya -- products. 
-- -- Avaya grants vendors, endusers, and other interested parties -- a nonexclusive license to use this Specification in connection -- with the management of Avaya products. -- -- This Specification is supplied "as is," and Avaya makes -- no warranty, either express or implied, as to the use, -- operation, condition, or performance of the Specification. -- --========================================================== -- -- Version 1.1.0 -- 24 Oct 2010 -- Adding traps which support IPv6. -- a. avUnAuthAccessEvent. -- b. avAccountLockoutEvent. -- c. avIPv6AddressDuplicationEvent. -- Shlomi biton -- --========================================================== -- -- Version 1.0.12 -- 15 Jun 2009 -- Adding arpInspection(23) enumeration to secMngProtoId. -- Shlomi biton -- --========================================================== -- -- Version 1.0.11 -- 07 Feb 2008 -- Changing the secMngNumOfDays2Expire to -- Udi Ezra ; Shlomi biton --========================================================== -- -- Version 1.0.10 -- 07 Feb 2008 -- Adding the trap avPasswordToExpireAlert -- Pesah Spector -- ========================================================== -- -- Version 1.0.9 -- 11 Jan 2007 -- Adding avSecLocalDateAndTime - for setting date and time. -- -- ========================================================== -- -- Version 1.0.8 -- 02 Nov 2006 -- Adding DNS Relay to dnsRelay(22) to secMngProtoId. -- -- ========================================================== -- -- Version 1.0.7 -- 2 MAr 2005 -- Added support for MSS notification generated as result of DoS attacks -- or unauthenticated attempts - see definition in CID 104904. All -- new MIB objects - notification and varbinds are located under -- avMssNotifications MIB subtree. -- -- ========================================================== -- -- Version 1.0.6 -- 11 Jan 2005 -- Added support for SYN cookies operational state monitoring, -- and configueration state monitoring/change. 
-- The following items were added: -- o secTcpSynCookies -- o secTcpSynCkiOpState -- o secTcpSynCkiCfgState -- -- Changed by Nimrod Dezent -- ========================================================== -- -- Version 1.0.5 -- 04 Oct 2004 -- Definition of DNS resolver enumerations. -- Adding dnsResolver(18) to secMngProtoId. -- -- Changed by Shlomi Biton -- ========================================================== -- -- Version 1.0.4 -- 04 July 2004 -- Add new mib object fipsEnhancedSecurityFlg under fip140 subtree -- -- Changed by Pesah Spector -- ========================================================== -- Version 1.0.3 -- 04 July 2004 -- Updating the enumeration scpConfigFile to be scpConfigFiles in secMngProtoId. -- -- 1. Change by Shlomi Biton -- ========================================================== -- -- Version 1.0.2 -- 28 June 2004 -- Definition of DHCP and TFTP enumerations. -- Adding tftp(16) and dhcp(17) to secMngProtoId. -- -- 1. Add by Shlomi Biton -- ========================================================== -- -- Version 1.0.1 -- 27 June 2004 -- Definition of RFA based license support -- -- 1. 
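--    Add by Pesah Spector
-- ==========================================================
--
-- Version 1.0.0
-- Definition of network services protocols first release
-- ==========================================================
--
-- Review summary of the write surface defined in this module:
--   secTcpSynCkiCfgState, avMSSNotificationRate and avSecLocalDateAndTime
--   are MAX-ACCESS read-write. Each one changes a security-relevant
--   setting (SYN-cookie defence, DoS report interval, device clock), so
--   SET access to them should be limited to authenticated and encrypted
--   management sessions (for example an SNMPv3 authPriv user with a
--   restrictive VACM view) and changes should be audited.
--

SECURITY-MANAGEMENT-MIB DEFINITIONS ::= BEGIN

IMPORTS
    lsg
        FROM AVAYAGEN-MIB
    cmgTrapLocation, cmgTrapOnBoard, cmgTrapSubsystem, cmgTrapOnIccMissing, cmgTrapModule
        FROM G700-MG-MIB
    ifIndex, ifType, ifPhysAddress, ifName
        FROM IF-MIB
    genOpLastFailureDisplay, genAppFileId, genAppFileName, genAppFileVersionNumber
        FROM LOAD-MIB
    DisplayString
        FROM RFC1213-MIB
    OBJECT-GROUP, NOTIFICATION-GROUP
        FROM SNMPv2-CONF
    IpAddress, Unsigned32, Counter64, OBJECT-TYPE, MODULE-IDENTITY, OBJECT-IDENTITY, NOTIFICATION-TYPE
        FROM SNMPv2-SMI
    InetAddress, InetAddressType
        FROM INET-ADDRESS-MIB
    avEntPhySeverity
        FROM AVAYA-ENTITY-MIB
    PhysAddress, DateAndTime, TEXTUAL-CONVENTION
        FROM SNMPv2-TC;


-- NOTE(review): the REVISION clauses below are not in reverse
-- chronological order, which SMIv2 tooling usually reports as a warning.
-- NOTE(review): the newest REVISION text names
-- avNSReceivedDuplicateAddressEvent and avNAReceivedDuplicateAddressEvent,
-- but no notification with either name is defined in this module.

-- 1.3.6.1.4.1.6889.2.1.14.1
secMngModule MODULE-IDENTITY
    LAST-UPDATED "201003231045Z"    -- Mar 22, 2010 at 10:46 GMT
    ORGANIZATION
        "Avaya"
    CONTACT-INFO
        "Contact-info."
    DESCRIPTION
        "Defines MIB objects related to device secured management."
    REVISION "200603131849Z"    -- March 13, 2006 at 18:49 GMT
    DESCRIPTION
        "Support for ASG Authentication File and Authentication Notifications"
    REVISION "200511231321Z"    -- November 23, 2005 at 13:21 GMT
    DESCRIPTION
        "Version 1.0.9 add support for new portocol enum value telnetServices
        in object secMngProtoId, added as part of G450 project development
        - ref CID 110907 Pesah "
    REVISION "200501111654Z"    -- January 11, 2005 at 16:54 GMT
    DESCRIPTION
        " Version 1.0.6
        Added support for SYN cookies operational state monitoring,
        and configueration state monitoring/change.
        The following items were added:
        o secTcpSynCookies
        o secTcpSynCkiOpState
        o secTcpSynCkiCfgState
        Changed by Nimrod Dezent"
    REVISION "200503021602Z"    -- March 02, 2005 at 16:02 GMT
    DESCRIPTION
        " Version 1.0.7
        2 MAr 2005
        Added support for MSS notification generated as result of DoS attacks
        or unauthenticated attempts - see definition in CID 104904. All
        new MIB objects - notification and varbinds are located under
        avMssNotifications MIB subtree "
    REVISION "200504201606Z"    -- April 20, 2005 at 16:06 GMT
    DESCRIPTION
        " 1.0.8 Changed default value of MSS rate limiting from 60 seconds
        to 300 seconds"
    REVISION "200602271916Z"    -- February 27, 2006 at 19:16 GMT
    DESCRIPTION
        "Adding new notifictations supporting Secret Management for backup
        and restore (startup-config) file "
    REVISION "201003231045Z"    -- Mar 21, 2010 at 16:57 GMT
    DESCRIPTION
        " Adding traps which support IPv6.
        a. avUnAuthAccessEvent.
        b. avAccountLockoutEvent.
        c. avIPv6AddressDuplicationEvent.
        d. avNSReceivedDuplicateAddressEvent.
        e. avNAReceivedDuplicateAddressEvent. "
    ::= { avayaSecurity 1 }


--
-- Textual conventions
--

-- Two-state flag used by the mode, SYN-cookie, license and FIPS objects.
OnOffType ::= TEXTUAL-CONVENTION
    STATUS current
    DESCRIPTION
        "Description."
    SYNTAX INTEGER
        {
        on(1),
        off(2)
        }

-- Three-state service status; notSupported(3) is the only value that can
-- express "feature absent". Used by secMngProtoStatus.
ServiceStateType ::= TEXTUAL-CONVENTION
    STATUS current
    DESCRIPTION
        "Description."
    SYNTAX INTEGER
        {
        on(1),
        off(2),
        notSupported(3)
        }


--
-- Node definitions
--

-- 1.3.6.1.4.1.6889.2.1.14
avayaSecurity OBJECT IDENTIFIER ::= { lsg 14 }

-- 1.3.6.1.4.1.6889.2.1.14.1.1
-- NOTE(review): the DESCRIPTION mentions a "Not relevant" value, but the
-- SYNTAX is OnOffType, which only defines on(1) and off(2). Confirm what
-- an agent without secured mode actually returns.
secMode OBJECT-TYPE
    SYNTAX OnOffType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "When the security mode flag = on - it indicates that device
        operates in secured mode, =off - in non-secured mode. Otherwize
        when the value retuned =Not relevant - secured mode is not
        supported in this device."
    ::= { secMngModule 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.2
secTcpSynCookies OBJECT IDENTIFIER ::= { secMngModule 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.2.1
-- Read-only view of whether SYN cookies are active right now. Compare with
-- secTcpSynCkiCfgState: a mismatch means a change is pending a reset.
secTcpSynCkiOpState OBJECT-TYPE
    SYNTAX OnOffType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Monitors the operational state of the TCP SYN cookies defense
        mechanism. The operational state of the SYN cookies can change only
        after a reset, if the configuration state was changed and the
        running configuration was saved to the startup configuration before
        the reset. Use secTcpSynCkiCfgState to monitor and change the SYN
        cookies configuration state. When the SYN cookies feature is turned
        on, it helps protect the local host from SYN attacks (a type of DoS
        attack)."
    ::= { secTcpSynCookies 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.2.2
-- Writable: a SET to off(2) followed by a saved configuration and a reset
-- disables the SYN-flood defence. Restrict write access and alert on
-- changes to this object.
secTcpSynCkiCfgState OBJECT-TYPE
    SYNTAX OnOffType
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Controls and monitors the configuration state of the TCP SYN
        cookies defense mechanism. The operational state of the SYN cookies
        can change only after reset, if the configuration state was changed
        and the running configuration was saved to the startup
        configuration before the reset. Use secTcpSynCkiOpState to monitor
        the SYN cookies operational state. When the SYN cookies feature is
        turned on, it helps protect the local host from SYN attacks (a type
        of DoS attack). "
    ::= { secTcpSynCookies 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.3
-- One row per management protocol the device supports. Polling
-- secMngProtoStatus for rows such as telnet(4), http(6), snmpv1(13) and
-- tftp(16) gives an inventory of cleartext services that are still enabled.
secMngProtoTable OBJECT-TYPE
    SYNTAX SEQUENCE OF SecMngProtoEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "List of security management protocols supported in the device. "
    ::= { secMngModule 3 }

-- 1.3.6.1.4.1.6889.2.1.14.1.3.1
secMngProtoEntry OBJECT-TYPE
    SYNTAX SecMngProtoEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Description."
    INDEX { secMngProtoId }
    ::= { secMngProtoTable 1 }

SecMngProtoEntry ::=
    SEQUENCE {
        secMngProtoId
            INTEGER,
        secMngProtoStatus
            ServiceStateType
    }

-- 1.3.6.1.4.1.6889.2.1.14.1.3.1.1
-- The DESCRIPTION list is kept in step with the enumeration: it now
-- includes ftpClient(15), dnsRelay(22) and arpInspection(23), closes the
-- parenthesis on dnsResolver(18) and uses the enumerated name
-- telnetServices(21).
secMngProtoId OBJECT-TYPE
    SYNTAX INTEGER
        {
        scpConfigFiles(1),
        scpImageFiles(2),
        ssh(3),
        telnet(4),
        snmpv3(5),
        http(6),
        https(7),
        telnetClient(8),
        icmpRedirection(9),
        icmp(10),
        recoveryPassword(11),
        sshClient(12),
        snmpv1(13),
        icmpEcho(14),
        ftpClient(15),
        tftp(16),
        dhcp(17),
        dnsResolver(18),
        scpClient(19),
        tftpClient(20),
        telnetServices(21),
        dnsRelay(22),
        arpInspection(23)
        }
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Index to the secMngProtoTable. The index can take one of the
        following values that correspond to supported management protocols
          scpConfigFiles(1),
          scpImageFiles(2),
          ssh(3),
          telnet(4),
          snmpv3(5),
          http(6),
          https(7),
          telnetClient(8),
          icmpRedirection(9), - icmp redirection service state
          icmp(10), - icmp services status
          recoveryPassword(11), - recovery password state
          sshClient(12),
          snmpv1(13),
          icmpEcho(14), - icmp service has been launched in EchoOnly mode
          ftpClient(15),
          tftp(16),
          dhcp(17),
          dnsResolver(18),
          scpClient(19),
          tftpClient(20),
          telnetServices(21), - reports telnet status on Services interface in G450
          dnsRelay(22),
          arpInspection(23)
        Missing entry indicates that corresponding protocol is not
        supported. "
    ::= { secMngProtoEntry 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.3.1.2
-- Status of the protocol named by the row index. An unsupported protocol
-- normally has no row at all (see secMngProtoId).
-- NOTE(review): "Not relevant" in the DESCRIPTION presumably corresponds to
-- notSupported(3) of ServiceStateType; confirm against the agent.
secMngProtoStatus OBJECT-TYPE
    SYNTAX ServiceStateType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Portocol status. When the status is =on - it indicates that
        correpsonding protocol is up and running, =off - protocol is down.
        Otherwize when the value retuned =Not relevant - the protocol is
        not supported."
    ::= { secMngProtoEntry 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.4
secMngConformance OBJECT IDENTIFIER ::= { secMngModule 4 }

-- 1.3.6.1.4.1.6889.2.1.14.1.4.1
secMngGroups OBJECT IDENTIFIER ::= { secMngConformance 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.4.1.1
secMngBasicGroup OBJECT-GROUP
    OBJECTS { secMode, secMngProtoId, secMngProtoStatus, secTcpSynCkiOpState,
        secTcpSynCkiCfgState, fipsEnhancedSecurityFlg }
    STATUS current
    DESCRIPTION
        "Description."
    ::= { secMngGroups 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.4.2
secMngCompliance OBJECT IDENTIFIER ::= { secMngConformance 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5
lsgLicManagement OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Group of MIBs objects used for configuration/presentation of the
        License information generated by Avaya Remote Feature Activation
        (RFA) system. "
    ::= { secMngModule 5 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.1
lsgLicMngTable OBJECT-TYPE
    SYNTAX SEQUENCE OF LsgLicMngEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "RFA based License management table. All elements are displaying
        the feature activation status. License activation controlled by the
        license file. The table is indexed by the license feature keyword
        assuming that the same keyword describing a feature cannot appear
        more than once per a license file. "
    ::= { lsgLicManagement 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.1.1
lsgLicMngEntry OBJECT-TYPE
    SYNTAX LsgLicMngEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Entry in lsgLicMngTable. "
    INDEX { lsgLicMngFeatureKeyword }
    ::= { lsgLicMngTable 1 }

LsgLicMngEntry ::=
    SEQUENCE {
        lsgLicMngFeatureKeyword
            OCTET STRING,
        lsgLicMngFeatureType
            INTEGER,
        lsgLicMngAdminStatus
            OnOffType,
        lsgLicMngOperStatus
            OnOffType,
        lsgLicMngCountedValue
            Unsigned32,
        lsgLicMngLastError
            INTEGER
    }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.1
-- NOTE(review): this index column is declared read-create, yet
-- LsgLicMngEntry has no RowStatus column and every other column is
-- read-only. The table DESCRIPTION says activation is controlled by the
-- license file, so confirm that agents reject SNMP row creation here.
-- The OCTET STRING index also carries no SIZE constraint.
lsgLicMngFeatureKeyword OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS read-create
    STATUS current
    DESCRIPTION
        "This table entry contains a features keyword. The feature keywords
        are text-based for example FEAT_VPN string. This field is used as a
        table index"
    ::= { lsgLicMngEntry 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.2
lsgLicMngFeatureType OBJECT-TYPE
    SYNTAX INTEGER
        {
        onOffFeature(1),
        quantifiableFeature(2)
        }
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "License activation mechanism support two feature types
        * Boolean on-off feature
        * Features that describe quantities for example number of
          concurrent VPN peers "
    ::= { lsgLicMngEntry 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.3
lsgLicMngAdminStatus OBJECT-TYPE
    SYNTAX OnOffType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "An administration status shows the feature activation status -
        when set to On the feature is activated by the RFA licensing
        system. "
    ::= { lsgLicMngEntry 3 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.4
lsgLicMngOperStatus OBJECT-TYPE
    SYNTAX OnOffType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The operation status shows the actual status of the corresponding
        feature - feature can be not operational enabled if for example
        device must be reset for feature to be activated or feature is not
        supported by a device."
    ::= { lsgLicMngEntry 4 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.5
lsgLicMngCountedValue OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "For counted features, this entry shows the associated quantity"
    ::= { lsgLicMngEntry 5 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.1.1.6
-- Only licNoError(2) is enumerated; no error values are defined here.
lsgLicMngLastError OBJECT-TYPE
    SYNTAX INTEGER { licNoError(2) }
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Shows feature error state"
    ::= { lsgLicMngEntry 6 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.20
lsgLicMngConformance OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Description."
    ::= { lsgLicManagement 20 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.20.1
lsgLicMngGroups OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Description."
    ::= { lsgLicMngConformance 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.5.20.1.1
lsgLicMngBasicGroup OBJECT-GROUP
    OBJECTS { lsgLicMngFeatureKeyword, lsgLicMngFeatureType, lsgLicMngAdminStatus,
        lsgLicMngOperStatus, lsgLicMngCountedValue, lsgLicMngLastError }
    STATUS current
    DESCRIPTION
        "Description."
    ::= { lsgLicMngGroups 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.6
fips140 OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Description."
    ::= { secMngModule 6 }

-- 1.3.6.1.4.1.6889.2.1.14.1.6.1
-- Per its own DESCRIPTION, on(1) is not by itself evidence of operation in
-- a FIPS approved mode; treat it as one input to a compliance check.
fipsEnhancedSecurityFlg OBJECT-TYPE
    SYNTAX OnOffType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "enhanceSecurity flag reports operation of a product in enhance
        security mode. When running under enhanced security a product
        performs certain secure-related activities safely, closely matching
        FIPS-140-2 standard. However the flag doesn't necessary indicate
        that all device operations comply to FIPS approved mode as some of
        security activities might be controlled via different mechanisms
        for example manual configuration. Security policy/Crypto Office
        guidance documents shall be used as reference as for if this flag
        can be used as an evidence for operation in FIPS approved mode.
        The flag is read only and set via product CLI. "
    ::= { fips140 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7
avMssNotifications OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Subtree hosting MSS notification traps"
    ::= { secMngModule 7 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.0
avMssNotificationPrefix OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Description."
    ::= { avMssNotifications 0 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.0.1
-- Carries the attack class, addresses, destination port, IP protocol,
-- event count, ingress interface and source MAC of the reported event.
avMSSDenialOfService NOTIFICATION-TYPE
    OBJECTS { avMSSVarbindsDoSType, avMSSVarbindsSrcAddr, avMSSVarbindsDstAddr,
        avMSSVarbindsDstPort, avMSSVarbindsCount, avMSSVarbindsIpProtocol,
        ifIndex, ifName, avMSSVarbindsSrcMACAddr }
    STATUS current
    DESCRIPTION
        "The MSS notification sent on DoS attack"
    ::= { avMssNotificationPrefix 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.2
-- Writable: raising this towards the 28800 second maximum spaces DoS
-- reports up to 8 hours apart, which delays detection. Restrict write
-- access and monitor the value for drift from the 300 second default.
avMSSNotificationRate OBJECT-TYPE
    SYNTAX INTEGER (10..28800)
    UNITS "Second"
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Defines the rate of MSS notification report. MSS reports will be
        generated as per rate if the event group counter passes the
        threshold correspondingly. The rate units are given in seconds with
        minimum - 10 seconds
        maximum - 8 hours (60 * 60 * 8) "
    DEFVAL { 300 }
    ::= { avMssNotifications 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.4
avMSSVarbinds OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Subtree of access-for-notify arguments to MSS notification varbinds
        list."
    ::= { avMssNotifications 4 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.4.1
-- Values 100 to 105 are reserved for user-defined attack classes.
avMSSVarbindsDoSType OBJECT-TYPE
    SYNTAX INTEGER
        {
        avMSSDoSMalformedARPs(1),
        avMSSDoSLandAttack(2),
        avMSSDoSICMPReflectAttack(3),
        avMSSDoSUknownPort(4),
        avMSSDoSUrgTCPOption(5),
        avMSSDoSMalformedIP(6),
        avMSSDoSSynFlood(7),
        avMSSDoSSmurfAttack(8),
        avMSSDoSFraggleAttack(9),
        avMSSDoSMalFragmentIP(10),
        avMSSSpoofedIP(11),
        avMSSUnknownL4Protocol(12),
        avMSSunAuthenticatedAccess(13),
        avMSSUserDefinedDoSAttack100(100),
        avMSSUserDefinedDoSAttack101(101),
        avMSSUserDefinedDoSAttack102(102),
        avMSSUserDefinedDoSAttack103(103),
        avMSSUserDefinedDoSAttack104(104),
        avMSSUserDefinedDoSAttack105(105)
        }
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "Enumeration of DoS attacks"
    ::= { avMSSVarbinds 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.4.2
avMSSVarbindsDescription OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "Textual description of the DoS event "
    ::= { avMSSVarbinds 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.4.3
-- A trap receiver should treat this address as attacker-controlled: several
-- of the enumerated attack classes (for example avMSSSpoofedIP) imply a
-- forged source.
avMSSVarbindsSrcAddr OBJECT-TYPE
    SYNTAX IpAddress
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "Source IP address in IP header. Set to 0.0.0.0 if address is
        unknown"
    ::= { avMSSVarbinds 3 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.4.4
avMSSVarbindsDstAddr OBJECT-TYPE
    SYNTAX IpAddress
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "Destination IP address in IP header. Set to 0.0.0.0 if address is
        unknown"
    ::= { avMSSVarbinds 4 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.4.5
avMSSVarbindsDstPort OBJECT-TYPE
    SYNTAX INTEGER (0..65535)
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "Destination port number in IP header. 0 if port is not applicable
        or unknown"
    DEFVAL { 0 }
    ::= { avMSSVarbinds 5 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.4.6
avMSSVarbindsIpProtocol OBJECT-TYPE
    SYNTAX INTEGER (0..255)
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The protocol field in IP header "
    ::= { avMSSVarbinds 6 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.4.7
avMSSVarbindsCount OBJECT-TYPE
    SYNTAX Counter64
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "Counted number of events that occur in a given period for a
        corresponding class of security violations (DoS, not authorized
        access, etc)."
    ::= { avMSSVarbinds 7 }

-- 1.3.6.1.4.1.6889.2.1.14.1.7.4.8
-- The DEFVAL is written as a six-octet hex string. PhysAddress is an
-- OCTET STRING, so the former quoted form "00:00:00:00:00:00" denoted a
-- 17-character text value rather than the all-zero MAC the DESCRIPTION
-- describes.
avMSSVarbindsSrcMACAddr OBJECT-TYPE
    SYNTAX PhysAddress
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "Source Physical address (MAC) of a packet identified as a packet
        carrying DoS payload. Set to 00:00:00:00:00:00 when phyicial
        address is not supported or unknown to the system"
    DEFVAL { '000000000000'H }
    ::= { avMSSVarbinds 8 }

-- 1.3.6.1.4.1.6889.2.1.14.1.8
avMSSgroup OBJECT-GROUP
    OBJECTS { avMSSNotificationRate, avMSSVarbindsSrcAddr, avMSSVarbindsDstAddr,
        avMSSVarbindsDstPort, avMSSVarbindsDescription, avMSSVarbindsIpProtocol,
        avMSSVarbindsDoSType, avMSSVarbindsCount, avMSSVarbindsSrcMACAddr }
    STATUS current
    DESCRIPTION
        "Description."
    ::= { secMngModule 8 }

-- 1.3.6.1.4.1.6889.2.1.14.1.9
mssNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS { avMSSDenialOfService }
    STATUS current
    DESCRIPTION
        "Description."
    ::= { secMngModule 9 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10
secMngNotifications OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Description."
    ::= { secMngModule 10 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.0
secMngNotificationsPrefix OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Description."
    ::= { secMngNotifications 0 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.0.1
avConfigurationEncKeyMismatchFault NOTIFICATION-TYPE
    OBJECTS { cmgTrapSubsystem, cmgTrapOnBoard, cmgTrapLocation, genAppFileId,
        genAppFileName, genAppFileVersionNumber, genOpLastFailureDisplay }
    STATUS current
    DESCRIPTION
        "Encryption keys mismatch error. Configuration download operation is
        aborted"
    ::= { secMngNotificationsPrefix 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.0.2
-- A master key change outside a planned maintenance window is worth an
-- alert on the trap receiver.
avConfigurationMasterKeyChange NOTIFICATION-TYPE
    OBJECTS { cmgTrapSubsystem, cmgTrapOnBoard, cmgTrapLocation }
    STATUS current
    DESCRIPTION
        "Configuration Master key was changed "
    ::= { secMngNotificationsPrefix 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.0.3
avPasswordToExpireAlert NOTIFICATION-TYPE
    OBJECTS { cmgTrapSubsystem, cmgTrapOnBoard, cmgTrapLocation, secMngNumOfDays2Expire }
    STATUS current
    DESCRIPTION
        "User password is about to expire in n days "
    ::= { secMngNotificationsPrefix 3 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.0.200
-- The DESCRIPTION now refers to the objects this module defines
-- (avUnauthUserName, avIKEAccess) instead of the lnt-prefixed names, which
-- do not exist here.
-- NOTE(review): avUnauthUserName is whatever was entered as the user name;
-- a password typed at the user-name prompt would be carried in this trap,
-- so send these notifications over an encrypted transport where possible.
avUnAuthAccessEvent NOTIFICATION-TYPE
    OBJECTS { cmgTrapSubsystem, cmgTrapOnBoard, cmgTrapLocation, avUnauthUserName,
        avUnauthInetAddressType, avUnauthInetAddress, avUnauthProtocol,
        avASGAuthFileAFID, avEntPhySeverity }
    STATUS current
    DESCRIPTION
        "Notification on unauthorized login attempts.
        o For CLI and SNMP login failures:
          Both SNMP SSH and WEB management interfaces shall identify
          situation and alert. The reported information should include
          wrong user name, host name and IP address of remote host.
          Passwords is not reported because of the possibility to reveal
          password.
        o For pre-shared-key (PSK) authentication failure in IKE:
          * avUnauthUserName -
            - In IKE AM: the ID sent by the remote peer in the ID payload.
            - In IKE MM: the ID associated with the remote peer IP in the
              running configuration.
          * avUnauthInetAddressType and avUnauthInetAddress - represents
            the source IP of the packet sent by the remote peer.
          * avUnauthProtocol - avIKEAccess(500) "
    ::= { secMngNotificationsPrefix 200 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.0.201
avAccountLockoutEvent NOTIFICATION-TYPE
    OBJECTS { cmgTrapSubsystem, cmgTrapOnBoard, cmgTrapLocation, avUnauthUserName,
        avUnauthInetAddressType, avUnauthInetAddress, avUnauthProtocol,
        avASGAuthFileAFID, avEntPhySeverity }
    STATUS current
    DESCRIPTION
        "After configurable number of failed attempts to authenticate a
        user, device penalized by locking them out for a pre-specified
        amount of time."
    ::= { secMngNotificationsPrefix 201 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.0.202
avIPv6AddressDuplicationEvent NOTIFICATION-TYPE
    OBJECTS { cmgTrapSubsystem, cmgTrapOnBoard, cmgTrapLocation,
        avDuplicatedInetAddressType, avDuplicatedInetAddress,
        avDuplicatedMACAddress, ifIndex, ifName, avASGAuthFileAFID,
        avEntPhySeverity }
    STATUS current
    DESCRIPTION
        "The trap is generated whenever there is a detection of IPv6 address
        (link-local or global IPv6 address) duplication as part of DAD."
    ::= { secMngNotificationsPrefix 202 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.1
secMngVarbinds OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Notify only varbinds used for notifications in secMngNotifications
        group"
    ::= { secMngNotifications 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.1.1
-- Days remaining before the password expires; sent with
-- avPasswordToExpireAlert.
secMngNumOfDays2Expire OBJECT-TYPE
    SYNTAX Unsigned32
    UNITS "Days"
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "Description."
    ::= { secMngVarbinds 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.1.3
-- Supplied by the remote party, so a receiver should treat the value as
-- untrusted input when logging or displaying it.
avUnauthUserName OBJECT-TYPE
    SYNTAX OCTET STRING (SIZE (0..32))
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The name of the user who's attempt to access device was identified
        as unauthorized. "
    ::= { secMngVarbinds 3 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.1.5
-- Values up to 500 match the well-known port of the protocol; 6889 to 6891
-- are labels for RAS, console and PPP access.
avUnauthProtocol OBJECT-TYPE
    SYNTAX INTEGER
        {
        avSSHAccess(22),
        avTELNETAccess(23),
        avHTTPAccess(80),
        avSNMPAccess(161),
        avHTTPSAccess(443),
        avIKEAccess(500),
        avRASAccess(6889),
        avConsoleAccess(6890),
        avPPPAccess(6891)
        }
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The management protocol employed for the unauthorized access -
        avSSHAccess(22) -- SSH protocol
        avTELNETAccess(23), --Telnet protocol
        avHTTPAccess(80), -- HTTP protocol
        avSNMPAccess(161), -- SNMP protocol
        avHTTPSAccess(443), -- HTTPS protocol over TLS sockets
        avIKEAccess(500), -- IKE protocol - PSK authentication failure
        avRASAccess(6889), -- RAS access over dial-up connection
        avConsoleAccess(6890), -- Access from the Console port
        avPPPAccess(6891) -- Access to PPP over modem "
    ::= { secMngVarbinds 5 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.1.9
avUnauthInetAddressType OBJECT-TYPE
    SYNTAX InetAddressType
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The Inet Address Type of access violating station"
    ::= { secMngVarbinds 9 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.1.10
avUnauthInetAddress OBJECT-TYPE
    SYNTAX InetAddress
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The Inet Address of access violating station"
    ::= { secMngVarbinds 10 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.1.11
avDuplicatedInetAddressType OBJECT-TYPE
    SYNTAX InetAddressType
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The duplicated Inet Address Type."
    ::= { secMngVarbinds 11 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.1.12
avDuplicatedInetAddress OBJECT-TYPE
    SYNTAX InetAddress
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The duplicated Inet Address."
    ::= { secMngVarbinds 12 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.1.13
avDuplicatedMACAddress OBJECT-TYPE
    SYNTAX PhysAddress
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The MAC address of the station that claims to be configured with
        the duplicated IPv6 address."
    ::= { secMngVarbinds 13 }

-- 1.3.6.1.4.1.6889.2.1.14.1.10.2
-- NOTE(review): only secMngNumOfDays2Expire is listed. The avUnauth* and
-- avDuplicated* varbinds above are not members of any OBJECT-GROUP in this
-- module.
avMngNotificationCompliance OBJECT-GROUP
    OBJECTS { secMngNumOfDays2Expire }
    STATUS current
    DESCRIPTION
        "Description."
    ::= { secMngNotifications 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.11
-- NOTE(review): avPasswordToExpireAlert, avUnAuthAccessEvent,
-- avAccountLockoutEvent and avIPv6AddressDuplicationEvent are not members
-- of any NOTIFICATION-GROUP in this module.
secMngNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS { avConfigurationEncKeyMismatchFault, avConfigurationMasterKeyChange }
    STATUS current
    DESCRIPTION
        "Description."
    ::= { secMngModule 11 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12
avASGAuthenticationFiles OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Info on authentication file(s) installed in a product"
    ::= { secMngModule 12 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.3
avASGAuthFileHeader OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "The information on Authentication File stored in ASG AF file
        header "
    ::= { avASGAuthenticationFiles 3 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.3.1
avASGAuthFileAFID OBJECT-TYPE
    SYNTAX DisplayString (SIZE (0..10))
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The productID value ascociated with the Authentication File
        (format 7xxxxxxxxx) "
    ::= { avASGAuthFileHeader 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.3.2
avASGAuthFileGenDate OBJECT-TYPE
    SYNTAX DisplayString
    UNITS "YYYY/MM/DD"
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Date of Authentication file generation (format YYYY/MM/DD)"
    ::= { avASGAuthFileHeader 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.3.3
avASGAuthFileGenTime OBJECT-TYPE
    SYNTAX DisplayString (SIZE (0..8))
    UNITS "HH:MM:SS"
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "A 8-character string in US short locale time (format= HH:MM:SS)"
    ::= { avASGAuthFileHeader 3 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.3.4
avASGAuthFileRelease OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Major software release the AF file was generated for "
    ::= { avASGAuthFileHeader 4 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.3.5
avASGNotifications OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Description."
    ::= { avASGAuthFileHeader 5 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.3.5.0
avASGNotificationsPrefix OBJECT-IDENTITY
    STATUS current
    DESCRIPTION
        "Description."
    ::= { avASGNotifications 0 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.3.5.0.1
-- An authentication file replacement changes how the device authenticates
-- logins, so an unexpected success trap deserves the same attention as a
-- failure.
avASGAFDownloadSuccess NOTIFICATION-TYPE
    OBJECTS { cmgTrapSubsystem, cmgTrapOnBoard, cmgTrapLocation, genAppFileId,
        genAppFileName, genAppFileVersionNumber, avASGAuthFileAFID }
    STATUS current
    DESCRIPTION
        "AF download successfully accomplished"
    ::= { avASGNotificationsPrefix 1 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.3.5.0.2
avASGAFDownloadFailure NOTIFICATION-TYPE
    OBJECTS { cmgTrapSubsystem, cmgTrapOnBoard, cmgTrapLocation, genAppFileId,
        genAppFileName, genAppFileVersionNumber, genOpLastFailureDisplay,
        avASGAuthFileAFID }
    STATUS current
    DESCRIPTION
        "AF download Failed "
    ::= { avASGNotificationsPrefix 2 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.1000
avASGAuthFileGroup OBJECT-GROUP
    OBJECTS { avASGAuthFileAFID, avASGAuthFileGenDate, avASGAuthFileGenTime,
        avASGAuthFileRelease }
    STATUS current
    DESCRIPTION
        "Description."
    ::= { avASGAuthenticationFiles 1000 }

-- 1.3.6.1.4.1.6889.2.1.14.1.12.1001
avASGAuthFileNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS { avASGAFDownloadFailure, avASGAFDownloadSuccess }
    STATUS current
    DESCRIPTION
        "ASG authentictation File Notification Group"
    ::= { avASGAuthenticationFiles 1001 }

-- 1.3.6.1.4.1.6889.2.1.14.1.13
-- (The generated comment gave 1.3.6.1.4.1.6889.2.1.13, which does not match
-- the registration under secMngModule below.)
-- Writable: the device clock feeds log and trap timestamps and the
-- password-expiry countdown, so a changed clock undermines event
-- correlation. Restrict write access and alert on SETs to this object.
-- NOTE(review): this object is not a member of any OBJECT-GROUP in this
-- module.
avSecLocalDateAndTime OBJECT-TYPE
    SYNTAX DateAndTime
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Setting the Local current RTC date and time, when not registered
        with CM"
    ::= { secMngModule 13 }

END

--
-- security-management-mib.my
--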